ExamGecko
Search Search Login
Home Home / Microsoft / AZ-500

Microsoft AZ-500 Practice Test - Questions Answers, Page 5

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Simulation LAB Task 1 You need to ensure that connections from the Internet to VNET1\subnet0 are allowed only over TCP port 7777. The solution must use only currently deployed resources.
You have an Azure subscription that uses Azure AD Privileged Identity Management (PIM). A user named User1 is eligible for the Billing administrator role. You need to ensure that the role can only be used for a maximum of two hours. What should you do?
HOTSPOT You have an Azure key vault named KeyVault1 that contains the items shown in the following table. In KeyVault1 the following events occur in sequence: • item is deleted. • ltem2 and Policy1 are deleted. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT You have Azure virtual machines that have Update Management enabled. The virtual machines are configured as shown in the following table. You schedule two update deployments named Update1 and Update2. Update1 updates VM3. Update2 updates VM6. Which additional virtual machines can be updated by using Update1 and Update2? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You are configuring and securing a network environment. You deploy an Azure virtual machine named VM1 that is configured to analyze network traffic. You need to ensure that all network traffic is routed through VM1. What should you configure?
From Azure Security, you create a custom alert rule. You need to configure which users will receive an email message when the alert is triggered. What should you do?
HOTSPOT You have an Azure key vault. You need to delegate administrative access to the key vault to meet the following requirements: Provide a user named User1 with the ability to set advanced access policies for the key vault. Provide a user named User2 with the ability to add and delete certificates in the key vault. Use the principle of least privilege. What should you use to assign access to each user? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You have an Azure subscription that uses Microsoft Defender for Cloud. You have accounts for the following cloud services: • Alibaba Cloud • Amazon Web Services (AWS) • Google Cloud Platform (GCP) What can you add to Defender for Cloud?
SIMULATION You need to ensure that User2-11641655 has all the key permissions for KeyVault11641655. To complete this task, sign in to the Azure portal and modify the Azure resources.
HOTSPOT You have an Azure subscription that contains the virtual networks shown in the following table. NSG1 and NSG2 both have default rules only. The subscription contains the virtual machines shown in the following table. The subscription contains the web apps shown in the following table. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Question 41

Report
Export
Collapse

DRAG DROP

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure Subscription named Sub1. Sub1 contains an Azure virtual machine named VM1 that runs Windows Server 2016.

You need to encrypt VM1 disks by using Azure Disk Encryption.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Question 41
Correct answer: Question 41

Explanation:

References:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/encrypt-disks

Question 42

Report
Export
Collapse

You have an Azure subscription that contains a virtual machine named VM1.

You create an Azure key vault that has the following configurations:

Name: Vault5

Region: West US

Resource group: RG1

You need to use Vault5 to enable Azure Disk Encryption on VM1. The solution must support backing up VM1 by using Azure Backup.

Which key vault settings should you configure?

A.
Access policies
A.
Access policies
Answers
B.
Secrets
B.
Secrets
Answers
C.
Keys
C.
Keys
Answers
D.
Locks
D.
Locks
Answers
Suggested answer: A

Explanation:

References:

https://docs.microsoft.com/en-us/azure/key-vault/key-vault-secure-your-key-vault

Question 43

Report
Export
Collapse

You have an Azure subscription named Sub1 that contains the resources shown in the following table.

You need to ensure that you can provide VM1 with secure access to a database on SQL1 by using a contained database user.

What should you do?

A.
Enable a managed service identity on VM1.
A.
Enable a managed service identity on VM1.
Answers
B.
Create a secret in KV1.
B.
Create a secret in KV1.
Answers
C.
Configure a service endpoint on SQL1.
C.
Configure a service endpoint on SQL1.
Answers
D.
Create a key in KV1.
D.
Create a key in KV1.
Answers
Suggested answer: B

Explanation:

https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure- resources/tutorial-windows-vm-access-sql


Question 44

Report
Export
Collapse

You have an Azure subscription named Sub1 that contains the Azure key vaults shown in the following table:

In Sub1, you create a virtual machine that has the following configurations:

Name: VM1

Size: DS2v2

Resource group: RG1

Region: West Europe

Operating system: Windows Server 2016

You plan to enable Azure Disk Encryption on VM1.

In which key vaults can you store the encryption key for VM1?

A.
Vault1 or Vault3 only
A.
Vault1 or Vault3 only
Answers
B.
Vault1, Vault2, Vault3, or Vault4
B.
Vault1, Vault2, Vault3, or Vault4
Answers
C.
Vault1 only
C.
Vault1 only
Answers
D.
Vault1 or Vault2 only
D.
Vault1 or Vault2 only
Answers
Suggested answer: C

Explanation:


Question 45

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains an Azure key vault named Vault1.

On January 1, 2019, Vault1 stores the following secrets.

When can each secret be used by an application? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Question 45
Correct answer: Question 45

Explanation:

Box 1: Never

Password1 is disabled.

Box 2: Only between March 1, 2019 and May 1,

Password2:

Reference:

https://docs.microsoft.com/en-us/powershell/module/azurerm.keyvault/set-azurekeyvaultsecretattribute

Question 46

Report
Export
Collapse

You have an Azure web app named webapp1.

You need to configure continuous deployment for webapp1 by using an Azure Repo.

What should you create first?

A.
an Azure Application Insights service
A.
an Azure Application Insights service
Answers
B.
an Azure DevOps organizations
B.
an Azure DevOps organizations
Answers
C.
an Azure Storage account
C.
an Azure Storage account
Answers
D.
an Azure DevTest Labs lab
D.
an Azure DevTest Labs lab
Answers
Suggested answer: B

Explanation:

To use Azure Repos, make sure your Azure DevOps organization is linked to your Azure subscription.

Reference:

https://docs.microsoft.com/en-us/azure/app-service/deploy-continuous-deployment

Question 47

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains the resources shown in the following table.

User1 is a member of Group1. Group1 and User2 are assigned the Key Vault Contributor role for Vault1.

On January 1, 2019, you create a secret in Vault1. The secret is configured as shown in the exhibit. (Click the Exhibit tab.)

User2 is assigned an access policy to Vault1. The policy has the following configurations:

Key Management Operations: Get, List, and Restore

Cryptographic Operations: Decrypt and Unwrap Key

Secret Management Operations: Get, List, and Restore

Group1 is assigned an access policy to Vault1. The policy has the following configurations:

Key Management Operations: Get and Recover

Secret Management Operations: List, Backup, and Recover

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 47
Correct answer: Question 47

Question 48

Report
Export
Collapse

HOTSPOT

You have an Azure Active Directory (Azure AD) tenant named contoso1812.onmicrosoft.com that contains the users shown in the following table.

You create an Azure Information Protection label named Label1. The Protection settings for Label1 are configured as shown in the exhibit. (Click the Exhibit tab.)

Label1 is applied to a file named File1.

For each of the following statements, select Yes if the statement is true, Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 48
Correct answer: Question 48

Question 49

Report
Export
Collapse

SIMULATION

You need to prevent HTTP connections to the rg1lod10598168n1 Azure Storage account.

To complete this task, sign in to the Azure portal.

A.
A.
Answers
Suggested answer: A

Explanation:

Answer: A

Explanation:

The "Secure transfer required" feature is now supported in Azure Storage account. This feature enhances the security of your storage account by enforcing all requests to your account through a secure connection. This feature is disabled by default.

1. In Azure Portal select you Azure Storage account rg1lod10598168n1.

2. Select Configuration, and Secure Transfer required.

Reference:

https://techcommunity.microsoft.com/t5/Azure/quot-Secure-transfer-required-quot-is-available-in-Azure-Storage/m-p/82475

Question 50

Report
Export
Collapse

SIMULATION

You need to ensure that the rg1lod10598168n1 Azure Storage account is encrypted by using a key stored in the KeyVault10598168 Azure key vault.

To complete this task, sign in to the Azure portal.

A.
A.
Answers
Suggested answer: A

Explanation:

Answer: A

Explanation:

Step 1: To enable customer-managed keys in the Azure portal, follow these steps:

1. Navigate to your storage account rg1lod10598168n1

2. On the Settings blade for the storage account, click Encryption. Select the Use your own key option, as shown in the following figure.

Step 2: Specify a key from a key vault

To specify a key from a key vault, first make sure that you have a key vault that contains a key. To specify a key from a key vault, follow these steps:

4. Choose the Select from Key Vault option.

5. Choose the key vault KeyVault10598168 containing the key you want to use.

6. Choose the key from the key vault.

Reference:

https://docs.microsoft.com/en-us/azure/storage/common/storage-encryption-keys-portal

Total 439 questions
Go to page: of 44
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms